US military review backs pre-emptive cyber strikes

Agence France-Presse

WASHINGTON - US military officers have endorsed the principle of pre-emptive cyber-strikes if the United States ever faces an imminent and large-scale digital attack, officials said Monday.

No formal approval has been issued, but the conclusions of the review signal that President Barack Obama's administration is ready to embrace pre-emptive cyber attacks as part of military doctrine, officials told AFP.

Under the proposed rules, a pre-emptive digital strike would usually require the approval of the president, they added.

Defense officials compared the guidelines to those applied to nuclear weapons, with built-in checks designed to ensure careful deliberation and no action without a clear decision by the commander-in-chief.

"Because of the magnitude of the cyber weapons involved, it really would need to be subject to review from the highest levels," said a defense official.

The military and top civilian officials examined scenarios for offensive cyber ops while updating "rules of engagement" for the armed forces, adding the digital realm to the standard battle areas of air, land, sea and space.

"They're trying to normalize cyber as a domain," the official added.

Under the guidelines, the military would not defend against ordinary digital attacks on US companies or individuals, a task that would be overseen by the Department of Homeland Security.

But the Pentagon would become involved in the case of a threatened large-scale cyber assault against the United States, said officials, confirming a New York Times report.

The Pentagon declined to comment publicly on the conclusions of the review but acknowledged the military was studying the rules of cyber warfare.

"There has been a good discussion across the department about appropriate guidance to military commanders on operations in all domains, including cyber," said spokesman Lieutenant Colonel Damien Pickart.

The "standing rules of engagement" were last revised in 2005, he said.

He said the rules are meant "to provide military commanders, including cyber professionals, clear guidance on what actions to take when faced with threats and attacks."

Obama has reportedly approved at least one cyber attack, the digital assault on networks used at Iran's uranium enrichment sites.

The operation, code-named Olympic Games, was revealed in articles and a subsequent book by New York Times reporter David Sanger.

Officials also confirmed that the Pentagon may dramatically expand its newly-created cyber command by increasing the number of troops and civilians to about 4,900 from the current work force of roughly 900.

The troops would be assigned to "national mission forces" safeguarding electrical grids and other vital infrastructure; "combat mission forces" to carry out digital operations around the world; and "cyber protection forces" focused on defending the military's own computer networks.